I've got a weird little problem.
I'm writing a script that inserts multiple rows into a MySQL DB, quirk is that their IDs are not necessarily a nice neat 1,2,3 set as they're being edited. The continue statement must be skipping every row as it times out in PHP. This has been doing my head in for the past few hours. Any ideas?
Thanks!
$items = $_POST['invItemQuantity'];
$i = 1;
while($i <= $items) {
if(!isset($_POST['item'.$i])) continue;
//assign posts to variables
$date = $_POST["item_date".$i];
$description = $_POST["description".$i];
$price = $_POST["price".$i];
$ID = $_POST["item".$i];
$que = "UPDATE invoice_items SET date='".$date."', description ='".$description."', price ='".$price."' WHERE item_ID=".$ID;
$test .= $que."<br>";
$i++;
}
if(!isset($_POST['item'.$i])) continue;
You forgot to increment i in that case. Fix it to :
if(!isset($_POST['item'.$i])) { $i++; continue; }
Your whole approach to this is very strange. I'm guessing in your form you have item1, item2, item3 etc. Instead you should have items[] for all of them to submit it as an array. Do the same for each item_date, description and price. Then simply run:
foreach($_POST['items'] as $i => $item) {
if(!empty($item)) {
$date = mysql_real_escape_string(trim($_POST['item_date'][$i]));
$description = mysql_real_escape_string(trim($_POST['description'][$i]));
$price = mysql_real_escape_string(trim($_POST['price'][$i]));
$ID = (int)$_POST['item'][$i];
//UPDATE QUERY...
}
}
The other thing is you should never take user input and directly input it into the database as that leaves you wide open to SQL injections. You should always escape it first using mysql_real_escape_string (for mysql). Even better would be to learn MySQLi or PDO.
You may also wish to look at filter_input, a good way to make sure that your inputs are clean. You should never trust user input and should always test it against a white list of suitable variables if possible.
Since you need to iterate over all the item fields no matter what, a for loop might make it easier to not forget your increment action.
$items = $_POST['invItemQuantity'];
for($i=1; $i<=$items; $i++)
{
if(!isset($_POST['item'.$i])) continue;
// ...
}
You might also want to perform some validation on "$_POST['invItemQuantity']" before you use it in your code (e.g. verify it contains a number of expected range).